To use Cyware you must have cookies enabled. By Registering or Signing in, you agree to our Terms and Privacy Policy. You can also signup using Google Account. We will not use your credentials to import contacts or post anything on your account without your permission.For more info, please see Login FAQ.

New Chrome attack delivers malware through 'Missing Font'

Security researchers have unearthed a new threat vector for Google Chrome that tricks users into downloading a ‘missing font’ and subsequently installs a malware on their system.The trick was spotted first by Mahmoud Al-Qudsi, a security expert from NeoSmart Technologies while browsing an unnamed WordPress website was allegedly compromised already by the hackers. However, the attack was well disguised. The hackers had deployed JavaScript to tamper with the text rendering thereby causing the miscoded text to be resembled in place of actual content. Thereafter, the users are prompted by the script to install the missing Chrome font pack.

The sophistication of attack lies in the subtle threat vector employed by it. Apart from the missing font premise that looks credible, the dialog window has been professionally formatted to resemble an actual Chrome pop-up. The logo and the color used are actual ones.

As per the security firm, the users can figure out the malicious activity by carefully spotting some signs. First, the dialog window is hard-coded to tell that version 53 of Chrome is being run by the user. If the user is running a different version, the hack could be arrested in the first place itself. Secondly, the name of the download file displayed in the instruction image is Chrome_Font.exe which is different from the one that is actually downloaded and goes by the name Chrome Font v7.5.1.exe.

However, the users need to be careful with these signs if they intend to not fall prey to this hacking. This is because both Chrome and Windows Defender fail to filter out the file as malware and label it as malicious respectively. The security firm performed a precautionary scan through VirusTotal which revealed that only 9 out of 59 anti-virus software were able to accurately identify the file as malicious.

Who we are

Cyware is a first-of-its-kind, comprehensive cyber situational awareness platform, designed to help you stay informed about the latest happenings in the cyber world with expertly curated news stories and updates.

Our Technology

Let IBM's Watson Find the Right News For You

The cyber threat landscape is changing rapidly, and cybersecurity news has claimed its spot on the front pages in recent months. It's not easy to find the right information from tens of thousands of cyber news articles and feeds published every day. Our machine learning based curation engine brings you the most relevant cyber content based on your needs.

Receive Daily Cyber News in Your Inbox

From the latest cyber security trends and innovations to new malware, vulnerabilities and threat intelligence, we bring you the most up-to date and relevant cyber updates and news alerts.